openSUSE-SU-2019:1816-1

Опубликовано: 30 июл. 2019

Источник: suse-cvrf

Описание

Security update for openexr

This update for openexr fixes the following issues:

Security issues fixed:

CVE-2017-9111: Fixed an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h (bsc#1040109).
CVE-2017-9113: Fixed an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp (bsc#1040113).
CVE-2017-9115: Fixed an invalid write of size 2 in the = operator function inhalf.h (bsc#1040115).

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.0

libIlmImf-2_2-23-2.2.1-lp150.2.6.1

libIlmImf-2_2-23-32bit-2.2.1-lp150.2.6.1

libIlmImfUtil-2_2-23-2.2.1-lp150.2.6.1

libIlmImfUtil-2_2-23-32bit-2.2.1-lp150.2.6.1

openexr-2.2.1-lp150.2.6.1

openexr-devel-2.2.1-lp150.2.6.1

openexr-doc-2.2.1-lp150.2.6.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4R33H4I6A267MTMGXDDDO6AQWXTTDXQM/#4R33H4I6A267MTMGXDDDO6AQWXTTDXQM
E-Mail link for openSUSE-SU-2019:1816-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1040109
SUSE Bug 1040109
https://bugzilla.suse.com/1040113
SUSE Bug 1040113
https://bugzilla.suse.com/1040115
SUSE Bug 1040115
https://www.suse.com/security/cve/CVE-2017-9111/
SUSE CVE CVE-2017-9111 page
https://www.suse.com/security/cve/CVE-2017-9113/
SUSE CVE CVE-2017-9113 page
https://www.suse.com/security/cve/CVE-2017-9115/
SUSE CVE CVE-2017-9115 page

Описание

In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h could cause the application to crash or execute arbitrary code.

Затронутые продукты

openSUSE Leap 15.0:libIlmImf-2_2-23-2.2.1-lp150.2.6.1

openSUSE Leap 15.0:libIlmImf-2_2-23-32bit-2.2.1-lp150.2.6.1

openSUSE Leap 15.0:libIlmImfUtil-2_2-23-2.2.1-lp150.2.6.1

openSUSE Leap 15.0:libIlmImfUtil-2_2-23-32bit-2.2.1-lp150.2.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-9111.html
CVE-2017-9111
https://bugzilla.suse.com/1040109
SUSE Bug 1040109

Описание

In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp could cause the application to crash or execute arbitrary code.

Затронутые продукты

openSUSE Leap 15.0:libIlmImf-2_2-23-2.2.1-lp150.2.6.1

openSUSE Leap 15.0:libIlmImf-2_2-23-32bit-2.2.1-lp150.2.6.1

openSUSE Leap 15.0:libIlmImfUtil-2_2-23-2.2.1-lp150.2.6.1

openSUSE Leap 15.0:libIlmImfUtil-2_2-23-32bit-2.2.1-lp150.2.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-9113.html
CVE-2017-9113
https://bugzilla.suse.com/1040113
SUSE Bug 1040113

Описание

In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code.

Затронутые продукты

openSUSE Leap 15.0:libIlmImf-2_2-23-2.2.1-lp150.2.6.1

openSUSE Leap 15.0:libIlmImf-2_2-23-32bit-2.2.1-lp150.2.6.1

openSUSE Leap 15.0:libIlmImfUtil-2_2-23-2.2.1-lp150.2.6.1

openSUSE Leap 15.0:libIlmImfUtil-2_2-23-32bit-2.2.1-lp150.2.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-9115.html
CVE-2017-9115
https://bugzilla.suse.com/1040115
SUSE Bug 1040115

openSUSE-SU-2019:1816-1

Описание

Список пакетов

openSUSE Leap 15.0

Ссылки

Уязвимость: CVE-2017-9111

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2017-9113

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2017-9115

Описание

Затронутые продукты

Ссылки